Oyster

Senior Counsel, Privacy and AI

Oyster

full-time

Posted on:

Location Type: Remote

Location: Spain

Visit company website

Explore more

AI Apply
Apply

Salary

💰 €90,000 - €110,000 per year

Job Level

Senior

About the role

  • Drive Oyster’s global privacy program and AI roadmaps and metrics with a focus on business objectives, risk appetite, and trust commitments.
  • Serve as counsel for EU data protection regulations, including international transfers (SCCs, TIAs, DPF where applicable), records of processing (ROPA), retention, and data governance.
  • Support the company‑wide strategy for AI governance (EU AI Act readiness, model/system classification, risk management, data/records obligations, provider/ deployer duties, transparency and human oversight).
  • Partner with leadership on executive‑level and customer‑facing trust narratives; prepare briefings and documentation for team leads, execs, and auditors.
  • Advise on new and existing products/workflows (including automation and ML features): run DPIAs/PIAs, AI impact assessments, dataset and data‑minimization reviews, and human‑in‑the‑loop/appeal mechanisms.
  • Translate requirements into actionable controls (requirements, checklists, guardrails, redlines) and integrate with issue trackers and engineering workflows.
  • Define model/data governance requirements: data sourcing, annotation, retention/deletion, access controls, evaluation, monitoring, and incident/rollback plans.
  • Draft/maintain DPAs, SCCs, and AI‑related contractual clauses; negotiate high‑impact privacy and AI terms with customers and vendors.
  • Partner with procurement and security teams on third-party due diligence, transfer impact assessments, and ongoing assurance.
  • Lead operational processes: ROPA, DSARs, consent/cookie governance, marketing/privacy for growth initiatives, retention schedules, and access controls.
  • Co‑lead incident response for privacy/AI‑related events (breach assessment, notification, regulator/stakeholder comms, lessons learned).

Requirements

  • Juris Doctorate or equivalent law degree and at least 7 years of experience advising on EU data regulations as a fully licensed practicing attorney.
  • Deep expertise in EU data protection regimes; hands‑on leadership of DPIAs, TIAs, ROPAs, retention, DSARs, vendor governance, and incident response.
  • Demonstrated experience operationalizing AI governance (e.g. EU AI Act readiness), including system classification, risk management, transparency/UX notices, human oversight, and documentation.
  • Proven ability to build and scale playbooks, templates, and processes (privacy and AI) that measurably improve speed, quality, and risk posture.
  • Commercial acumen with strong negotiation skills on privacy/AI terms, SCCs, data rights, and risk‑balancing positions.
  • Strong attention to detail with clear, effective communication across technical and non-technical teams.
  • Demonstrated ability to communicate clearly and effectively in asynchronous environments, effectively using written updates and documentation to collaborate across time zones with distributed teams.
  • Able to work independently, exercising sound judgment in a fast-paced environment.
  • Comfortable adapting to shifting priorities in high-output settings.
  • Collaborative and dependable team contributor with a pragmatic, problem-solving mindset.
Benefits
  • Paid time off: Enjoy 40 days off per year (including holidays and vacation), or more if required by your country.
  • Mental health support: Access Plumm, our mental well-being service.
  • Wellbeing allowance: Each month, receive a wellbeing allowance in your ThanksBen wallet. Spend it on a wide range of options; see the benefits catalogue for ideas.
  • Flexible parental leave: All new parents are eligible for at least three months’ paid leave, with job protection for up to 12 months or as required locally.
  • WFH stipend: Receive a stipend for your laptop and home office equipment to get you set up quickly.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
EU data protection regulationsDPIAsTIAsROPADSARsAI governancerisk managementdata governancedata minimizationincident response
Soft Skills
negotiation skillsattention to detaileffective communicationindependent workproblem-solving mindsetcollaborationadaptabilityjudgmentleadershipcommercial acumen
Certifications
Juris Doctoratelicensed practicing attorney